WiFi is taking flight

Tucked in a corner of an airplane hangar in Iraq, an Air Force mechanic is repairing a plane's hydraulic landing gear system when he hits a snag and needs to refer to the aircraft's maintenance manual.

He doesn't stop working to search for a paper manual, which may or may not be in the hangar. Instead, he pulls out a ruggedized tablet computer to access the LAN. Within minutes, he has downloaded the information he needs from a U.S.-based database and is back to work on the plane.

That scenario is a reality, said Tom Badders, director of wireless strategic development for Telos Corp. of Ashburn, Va.

Ubiquitous network connection is happening, thanks in large part to the proliferation of wireless networks for both civilian and Defense agencies.

Wireless makes sense

In many cases, wireless makes the most sense, whether it's because of the devices people are using or because of the physical requirements of bases, buildings or conference rooms.

Telos has installed wireless networks at 85 of the Air Force's 108 bases as well as 11 other Air Force sites worldwide, Badders said. 'Primarily, it's for maintenance and logistics operations, so we put wireless LAN coverage on flight lines, inside hangars, back shops, wherever maintenance and logistics operations are taking place.'

The wireless infrastructure extends the Air Force's enterprise network to those whose job is to get aircraft back in the air, and increases the service's supply chain efficiencies. Constant connection to the network lets personnel tie into maintenance databases, check tech orders on supply and logistics applications, fix equipment, update orders, read technical manuals, and order and track parts through the supply chain.

When a systems integrator is building a wireless network for a government customer, two main issues need to be addressed: making the wireless network operate well in the given surroundings, and making the network secure.

An integrator building an IEEE 802.11 wireless network must look at how it will be secured, whether it will have Layer 2 or Layer 3 encryption and other security variables.

In addition to policies from the National Institute of Standards and Technology and the Defense Department, each government entity also has its own guidelines.

Contractors implementing wireless solutions in the federal government environment must use wireless products that have been proven, in a laboratory setting, to work within federal guidelines, and that have proven secure.

Shipment of WiFi technology reached approximately 120 million chip sets in 2005 as demand for the technology surged, said Frank Hanzlik, managing director of the WiFi Alliance.

'I think right when we came out with the 802.11i capability, which includes EES [Escrowed Encryption Standard] level encryption, the highest level of encryption commercially available, I think that really was a turning point,' Hanzlik said. 'Since that time, we've seen far more support for incorporating WiFi into the government's overall wireless plans.'

The increased use of 802.11 handheld devices, mobile phones and tablet PCs is driving the demand.

Agencies are looking to develop wireless data networks, said Marcus Fedeli, an analyst with market researcher Input of Reston, Va.

For example, a $100 million contract from the Air Force is in the works for data link integration for the Air Mobility Command, which provides airlift and air refueling services. The command needs hardware and software for tactical data link capabilities, and a data link for situational awareness in the cockpit.

'We use three main design guidelines that are available within the DOD and within the federal marketplace,' Orr said.

The Defense Department has a wireless architecture design guide for using commercial equipment.

Additionally, the National Information Assurance Partnership, a federal initiative created for the security testing needs of both IT consumers and producers, administers the Common Criteria protection profile, which provides a methodology for developing security specifications for IT products.

The third guideline on Cisco's most-used list is the Federal Information Processing Standard 140-2, nonproprietary security policy for cryptographic modules.

'Various agencies have little addendums and add-ons, but those are the three main documents we use in designing our wireless architecture,' Orr said.

Booz Allen Hamilton Inc. of McLean, Va., is working with the Defense Department on a follow-on policy that is nearly final.

'If a vendor wants to spend the investment to get its products validated to enter the federal government market, it has the capability to do so, given the guidance and the realignment of the standards,' Syed said.

When NIST has completed its certification of 802.11i access points and issued guidelines, the security concerns for wireless can be reduced.

'However, until that happens, we're still concerned about integrating the right levels of security and encryption in the network,' Badders said.

Puzzle pieces

For now, that might require adding layers of network security, such as an intrusion detection system, an overlay of wireless sensors that prohibit or monitor for rogue access points connecting to the network.

'The sole purpose of those sensors is to track that activity and notify the network administrator that something weird is happening to the system, and they need to track it down,' Badders said.

The essential pieces needed to create the local network are access points and wireless switches, Orr said.

Choosing the correct access points is critical to building an effective wireless network.

First, the coverage area must be identified and the best antenna signal amplification for that area chosen.

Signal strength must be great enough to let all potential users access it, but it shouldn't project beyond the designated coverage area.

'You want to make sure you don't extend a government's network out into a commercial arena,' Badders said. 'There are a number of bases that are sometimes stuck in the middle of a city, and you need to make sure you design the network so that it works properly in the intended area, but doesn't leak out into the commercial environment.'